<?php
/**
*
* Copyright (C) 2007 IVLOS
*
* This file is part of PDF Annotation Engine.
*
* PDF Annotation Engine is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
* as published by the Free Software Foundation; either version 2
* of the License, or (at your option) any later version.
*
* PDF Annotation Engine is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with PDF Annotation Engine. If not, see <http://www.gnu.org/licenses/>.
*
* PDF Annotation Engine was originally made by Infi, The Netherlands.
*
* If you have any questions or suggestions, mail us at hide@address.com
*
**/
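class user extends crud_db {
    // static methods

    /**
     * Find users whose username, first name or last name contains any of the
     * whitespace-separated terms in $query.
     *
     * Every term is bound as a LIKE placeholder, so the query text never
     * becomes part of the SQL string. The characters % and _ inside a term are
     * not escaped and therefore still act as LIKE wildcards. An empty query
     * applies no filter and returns every user.
     *
     * @param string $query Free-text search input.
     * @return mixed Whatever crud_db::from_result() builds from the rows.
     */
    function search($query) {
        global $db;

        // Split on runs of whitespace and drop empty pieces. Splitting on a
        // single space left an empty term between consecutive spaces, which
        // became the pattern "%%" and matched every user.
        $terms = preg_split('/\s+/', trim($query), -1, PREG_SPLIT_NO_EMPTY);

        $columns = array('username', 'firstname', 'lastname');
        $clauses = array();
        $data = array();
        foreach ($terms as $term) {
            foreach ($columns as $column) {
                // Column names come from the fixed list above, never from input.
                $clauses[] = "`$column` LIKE ?";
                $data[] = "%$term%";
            }
        }

        $sql = "SELECT * FROM user";
        if (count($clauses) > 0) {
            $sql .= " WHERE " . implode(" OR ", $clauses);
        }

        $result = $db->getAll($sql, $data, DB_FETCHMODE_ASSOC);
        return crud_db::from_result($result, 'user');
    }

    /**
     * Look up the user matching a username/password pair.
     *
     * SECURITY: the stored credential is an unsalted MD5 digest and the
     * comparison happens inside the SQL query. MD5 is a fast hash and is not
     * suitable for password storage. Moving to password_hash() and
     * password_verify() needs PHP >= 5.5, a rehash-on-login path for existing
     * rows, and presumably a wider password column (verify the schema), so it
     * is flagged here rather than changed in place.
     *
     * NOTE(review): nothing in this method rotates the session id; confirm
     * the login caller calls session_regenerate_id() before register().
     *
     * @param string $username
     * @param string $password Plain-text password as entered.
     * @return mixed Result of user::from_row() on the fetched row; callers
     *               must check it, since the row may be absent.
     */
    function from_login($username, $password) {
        global $db;
        $sql = 'SELECT * FROM user WHERE username = ? AND password = ?';
        $data = array($username, md5($password));
        $row = $db->getRow($sql, $data, DB_FETCHMODE_ASSOC);
        return user::from_row($row);
    }

    /**
     * Load the user recorded in the current session.
     *
     * @return mixed Result of user::from_id(), or false when the session
     *               holds no user id.
     */
    function from_session() {
        if (!isset($_SESSION['user_id'])) {
            return false;
        }
        return user::from_id($_SESSION['user_id']);
    }

    /**
     * Forget the logged-in user. Only the 'user_id' key is removed; the
     * session itself and any other keys stay in place.
     */
    function unregister() {
        unset($_SESSION['user_id']);
    }

    /**
     * Id of the logged-in user.
     *
     * @return mixed The session's user id, or null when nobody is logged in.
     */
    function id() {
        // Guard the lookup: reading a missing key raised an undefined-index
        // notice (a warning on newer PHP) on every anonymous request.
        return isset($_SESSION['user_id']) ? $_SESSION['user_id'] : null;
    }

    /**
     * Check whether the current session's user holds at least $level.
     *
     * Levels are ordered admin > teacher > student > guest > none. A user
     * satisfies a required level when their own level is at or above it.
     * A session without a user counts as 'none'. An unknown user level or an
     * unknown required level is always refused.
     *
     * @param string $level Required level, one of the five names above.
     * @return bool
     */
    function check_userlevel($level) {
        $user = user::from_session();
        $userlevel = $user ? $user->userlevel : 'none';

        $ranks = array(
            'none'    => 0,
            'guest'   => 1,
            'student' => 2,
            'teacher' => 3,
            'admin'   => 4,
        );

        // Authorization decision: require real strings and exact key matches.
        // The previous switch with == comparisons relied on loose typing, so
        // a non-string argument such as true compared equal to a level name.
        if (!is_string($level) || !is_string($userlevel)) {
            return false;
        }
        if (!isset($ranks[$level]) || !isset($ranks[$userlevel])) {
            return false;
        }
        return $ranks[$userlevel] >= $ranks[$level];
    }

    /**
     * Check whether a username is still free.
     *
     * @param string $username   Name to test.
     * @param mixed  $exclude_id Id of a user to leave out of the check (for
     *                           example the user being edited), or null.
     * @return bool True only when the lookup returned exactly null; any other
     *              result, including a non-row value from $db, reads as taken.
     */
    function check_username($username, $exclude_id) {
        global $db;
        if (is_null($exclude_id)) {
            $sql = 'SELECT * FROM user WHERE username = ?';
            $data = array($username);
        } else {
            $sql = 'SELECT * FROM user WHERE username = ? AND NOT (id = ?)';
            $data = array($username, $exclude_id);
        }
        $row = $db->getRow($sql, $data, DB_FETCHMODE_ASSOC);
        return ($row === null);
    }

    // regular methods

    /**
     * Mark this user as logged in by storing its id in the session.
     *
     * NOTE(review): the session id is not rotated here; confirm the caller
     * regenerates it at login so a pre-login session id cannot be reused.
     */
    function register() {
        $_SESSION['user_id'] = $this->id;
    }

    /**
     * Assign a field on this object, hashing the value when the field is
     * 'password'.
     *
     * SECURITY: the password is stored as an unsalted MD5 digest, matching
     * what from_login() compares against. See from_login() for what a move to
     * password_hash() involves.
     *
     * NOTE(review): $field names the property to write. Callers should pass
     * only known field names; presumably fields such as userlevel must not be
     * settable from raw request keys. Verify against callers.
     *
     * @param string $field Property name.
     * @param mixed  $value Value to store (plain-text password for 'password').
     */
    function set_value($field, $value) {
        if ($field === 'password') {
            $this->$field = md5($value);
        } else {
            $this->$field = $value;
        }
    }

    /**
     * Build a display name from first name, infix and last name, skipping
     * empty parts. Falls back to the username when all parts are empty.
     *
     * The result is raw text; escape it for the output context before
     * rendering it in HTML.
     *
     * @return string
     */
    function formatted_name() {
        $parts = array();
        foreach (array($this->firstname, $this->infix, $this->lastname) as $part) {
            // Loose comparison on purpose: a null part also counts as empty.
            if ($part == '') {
                continue;
            }
            $parts[] = $part;
        }

        $formatted_name = implode(' ', $parts);
        if ($formatted_name == '') {
            $formatted_name = $this->username;
        }
        return $formatted_name;
    }

    // inherited static methods
    //
    // Each wrapper below forwards to the crud_db method of the same name and
    // passes __CLASS__ as the class name argument.

    /** Build a user from a database row via crud_db::from_row(). */
    function from_row($row) {
        return parent::from_row($row, __CLASS__);
    }

    /** Build a user from a value array via crud_db::from_values(). */
    function from_values($values) {
        return parent::from_values($values, __CLASS__);
    }

    /** Forward to crud_db::array_from_id() for the given id. */
    function array_from_id($id) {
        return parent::array_from_id($id, __CLASS__);
    }

    /** Load a user by id via crud_db::from_id(). */
    function from_id($id) {
        return parent::from_id($id, __CLASS__);
    }

    /** Forward to crud_db::select() with an optional filter array. */
    function select($filter=array()) {
        return parent::select($filter, __CLASS__);
    }

    /** Forward to crud_db::assoc_list() for $field with an optional filter. */
    function assoc_list($field, $filter=array()) {
        return parent::assoc_list($field, $filter, __CLASS__);
    }

    // inherited regular methods

    /** Forward to crud_db::update() for this object. */
    function update() {
        return parent::update(__CLASS__);
    }

    /** Forward to crud_db::insert() for this object. */
    function insert() {
        return parent::insert(__CLASS__);
    }

    /** Forward to crud_db::delete() for this object. */
    function delete() {
        return parent::delete(__CLASS__);
    }
}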